I just wanted to share a new competition we launched yesterday called Hack The World. I think it could be interesting to those of you already hacking, but also those of you interested in learning to hack.
The idea is simple. HackerOne provides a platform where you can go and hack on popular products/services (e.g. Uber, Adobe, GitHub, Square, Slack, Dropbox, GM, Twitter, Yahoo!, and many more) and submit vulnerability reports. This is awesome for hackers as they can safely hack on products/services, try out new hacking approaches/tools, build relationships with security teams, build a resume of experience, and earn some cold hard cash.
Currently HackerOne has 550+ customers, has paid over $8.9 million in bounties, and fixed over 25,000 vulnerabilities, which makes for a safer Internet.Hack The World
Hack The World is a competition that runs from 20th July 2016 – 19th September 2016. In that time period we are encouraging people to hack programs on HackerOne and submit vulnerability reports.
When you a submit a vulnerability report that is valid, the program may award you a bounty payment (many people all over the world earn significant buckets of money from bounties). In addition, you will be rewarded reputation and signal. Reputation is an indicator of active activity and participation, and signal is the average reputation in your reports.
Put simply, whoever earns the most reputation in the competition can win some awesome prizes including $1337 in cash, a hackable FPV drone kit, awesome limited edition swag, and bragging rights as being one of the most talented hackers in the world.
To ensure the competition is fair for everyone, we have two brackets – one for experienced hackers and one for new hackers. There will be 1st, 2nd, and runner up prizes in each bracket. This means you folks new at hacking have a fighting chance to win!Joining in the fun
To get you started, we are providing a free copy of Peter Yaworski’s awesome Web Hacking 101 book. Ensure you are logged in and then go here to grab the book. It will then be emailed to you.
When your reports are reviewed by the security teams in the programs you are hacking on the reputation will be awarded. You will then start appearing on the Hack The World Leaderboard which at the time of writing looks a little like this:
This data is almost certainly out of date as you read this, so go and see the leaderboard here!
So that’s the basic idea. You can read all the details about Hack The World by clicking here.
Hack The World is a great opportunity to hack safely, explore new hacking methods/tools, make the Internet safer, earn some money, and potentially be crowned as a truly l33t hacker. Go hack and prosper, people!
This weekend I dropped Erica off at the airport. Driving through San Francisco we saw an inventive billboard designed to reduce texting and driving. Driver distraction is a big problem, with a 2012 study suggesting over 3,000 deaths and 421,000 injuries were a result of distraction. I am pretty confident those shiny, always connected cellphones are indeed a common distraction during a boring drive or in times when you are anxious for information.
So anyway, we were driving past this billboard designed to reduce texting and driving and it included an Apple messages icon with a message awaiting. It was similar to, but not the same as this:
While these billboards are good to have, I suspect they are only effective when they go beyond advocating a behavior and are actually able to trigger a real behavioral change. Rory Sutherland’s example of Scotland changing speeding signs from the number to an unhappy face, being a prime example – instead of telling drivers to drive more slowly, they tapped into the psychology of initiating that behavioral change.
When I saw this sign, it actually had the opposite effect on me. Seeing the notification icon with a message waiting caused a cognitive discomfort that something needed checking, tending to, and completing. You guessed it: it made me actually want to check my phone.The Psychology of Notifications
This got me thinking about the impact of notifications on our lives and whether part of the reason people text and drive is not because they voluntarily pick up the phone and screw around with it, but instead because they are either (a) notified by audio, or (b) feel the notification itch to regularly check their phone to see if there are new notifications and then action them. Given how both Android and Apple phones both display notifications on the unlocked screen, this makes it particularly easy to see a notification and then action it by clicking on it and loading the app, and then potentially smash your car into a Taco Bell sign.
There is of course some psychology that supports this. Classical Conditioning demonstrates that we can associate regularly exposed stimuli with key responses. As such, we could potentially associate time away from our computers, travel, or other cognitive functions such as driving, as a time when we think about our relationships, our work, and therefore feel the urge to use our phones. In addition to this, research in Florida demonstrated that any kind of audio notifications fundamentally disrupt productivity and thus are distracting.A Software Solution?
As such, it strikes me that a simple solution for reducing texting and driving could be to simply reduce notifications while driving.
For this work, I think a solution would need to be:
- Automatic – it detects when you are traveling and suitably disengages notifications.
- Contextual – sometimes we are speeding along but not driving (such as taking a subway, or as a passenger in a car).
- Incentivized – it is unlikely we can expect all phone makers to switch this on by default and not make it able to be disabled (nor should we). As such, we need to incentivize people to use a feature like this.
For the automatic piece some kind of manual installation would likely be needed but then the app could actively block notifications when it automatically detects the phone is above a given speed threshold. This could be done via transitional points between GPS waypoints and/or wifi hotspots (if in a database). If the app detects someone going faster than a given speed, it kicks in.
For the contextual piece I am running thin on ideas for how to do this. One option could be to use the accelerometer to determine if the phone is stationary or not (most people seem to put their phones in a cup holder or phone holder when they drive). If the accelerometer is wiggling around it might suggest the person is a passenger and has the phone on their lap, pocket, or in their hand. Another option could be an additional device that connects to the phone over bluetooth that determines proximity of the person in the car (e.g. a wrist-band, camera, sensor on the seat, or something else), but this would get away from the goals of it being automatic.
For the incentive piece, this is a critical component. With teenagers a common demographic, and thus first-time drivers, money could be an incentive. Lower insurance fees (particularly given how expensive teenagers are to insure), discounts/offers at stores teenagers care about (e.g. hot topic for the greebos out there, free food and other ideas could be an incentive. For older drivers the same benefits could apply, just in a different context.Conclusion
While putting up billboards to tell people to be responsible human beings is one tool in reducing accidents, we are better positioned than ever to use a mixture of technology and psychology to creatively influence behavior more effectively. If I had the time, I would love to work on something like this, but I don’t have the time, so I figured I would share the idea here as a means to inspire some discussion and ideas.
So, comments, feedback, and ideas welcome!